package com.yugao.fintech.framework.security.xss.core;

import com.yugao.fintech.framework.core.utils.SpringUtils;
import com.yugao.fintech.framework.security.xss.config.SecurityXssProperties;
import com.yugao.fintech.framework.security.xss.utils.XssUtils;
import lombok.extern.slf4j.Slf4j;

/**
 * jackson xss 处理
 */
@Slf4j
public class XssCleanDeserializer extends XssCleanDeserializerBase {

    @Override
    public String clean(String name, String text) {
        // 读取 xss 配置
        SecurityXssProperties properties = SpringUtils.getBean(SecurityXssProperties.class);
        // 读取 XssCleaner bean
        XssCleaner xssCleaner = SpringUtils.getBean(XssCleaner.class);
        String value = xssCleaner.clean(XssUtils.trim(text, properties.isTrimText()));
        log.debug("Json property value:{} cleaned up by mica-xss, current value is:{}.", text, value);
        return value;
    }
}
